“It’s a huge leap forward for biometrics in the consumer market,” says Michelle Warren, president of Toronto-based tech analysis firm MW Research & Consulting. “It pushes biometrics into the mainstream.”
The new iPhone 5S contains “Touch ID,” which reads the user’s fingerprint in order to unlock the phone. The sensor is situated on the home button at the bottom of the iPhone.
There was significant online buzz in the weeks prior to the announcement that a new iPhone would include this technology. The speculation was partially fuelled by Apple’s purchase of AuthenTec, a security firm that specializes in fingerprint security, last July.
Apple’s fingerprint sensor is based on the science of biometrics, which uses distinctive biological characteristics, such as a fingerprint or a retinal pattern, to authenticate a user’s ID.
Freedom from passwords
Apple’s new iPhone isn’t the first personal computing device to use biometric technology. In fact, consumer gadgets using this type of technology have been around for more than a decade.
In 2003, Sony introduced a thumb drive with a fingerprint scanner on board, for example. Microsoft and other manufacturers have marketed biometric-enabled keyboards, and a number of laptop makers currently offer models with built-in fingerprint readers. Companies such as Fujitsu and Pantech already produce niche smartphones with fingerprint readers in some Asian markets.
What makes Apple’s “Touch ID” significant is that it makes the enhanced convenience and security of biometrics a standard feature on the world’s most recognized smartphone platform.
And smartphones are where people are increasingly doing most of their business, from email to shopping to banking, says Martin Drew, president of iView Systems, an internet security firm based in Oakville, Ont.
“People hold their entire lives on these devices these days. If someone had access to your smartphone for two hours, the damage they could do to your life would be phenomenal,” says Drew.
He says the biggest benefit of biometrics is that it makes typing passwords obsolete.
Consumers have long complained that passwords are hard to remember. And when they forget them, the process of regaining access to their computer or smartphone involves a lot of hassle, says Drew. As a result, people generally stick with shorter, easier-to-remember passwords, which can make them susceptible to hackers.
Your fingerprint, on the other hand, never changes and is always on you.
The move to biometrics isn’t merely a solution to the password problem. It’s also a necessary security function as more and more people move to cloud computing and mobile transactions, says Peter O’Neill, president of Find Biometrics, a news site that reports on the biometrics industry.
“There are a lot of factors right now that are all coming together to make this the perfect scenario” for biometric technology, says O’Neill.
“And then you have a company like Apple that is really expert in end-user ability, which will make it really user-friendly and they’ll make it cool, too.”
Warren believes the fingerprint scanner will become a “mainstay” on smartphones. Now that Apple has introduced Touch ID, she says Google will likely develop similar technology for all of the Android-supported devices.
A mature technology
Apple’s adoption of biometrics for the iPhone is a high-profile example of how the technology is becoming more ubiquitous. Biometric technology has long been used in government and law enforcement as a way of authenticating people, but it is rapidly moving into the commercial and consumer sectors, says O’Neill.
In addition to fingerprint recognition, companies are working on biometric applications that could identify you through your iris, the geometry of your hand, even your heartbeat.
Drew’s company, iView Systems, focuses mainly on facial-recognition technology, selling it to casinos, for example, as a way to keep track of undesirable customers. But he says that facial-recognition software isn’t 100 per cent reliable, and can fail in poor lighting or when there is too much movement.
Facial-recognition software “has improved, but it’s not at a point where you’d want to use it to log onto your computer,” says Drew.
Fingerprint identification is currently the most accurate and most mature biometric technology, but it’s still possible to hack it, says Dimitrios Hatzinakos, director of the Identity, Privacy and Security Initiative at the University of Toronto.
“It’s not as easy as picking up somebody’s password – it would require some effort and planning,” he says.
Besides apocryphal stories of people cutting off another person’s finger in order to gain access to a biometrically locked device, Hatzinakos says that if someone had a copy of your fingerprint – left on a glass, for example – they could conceivably reproduce it and trick the sensor.
Drew says he is well aware of the potential pitfalls of biometric technology, but says that it is still preferable to the password system.
“Anything can be cracked eventually,” says Drew. “I think that’s how people look at it from a security perspective.”